Xen tools

From Xen

xen-tools—a straightforward VM provisioning/installation tool

Xen-tools is a straightforward Xen VM provisioning tool with an unusual but attractive approach. It is used in the XenProject.org automated testing system, for installing Debian-derived test VMs, but can also be run from the command line.

What makes xen-tools special?

Most VM provisioning tools arrange to run the guest’s copy of its own installer, in a fresh VM with a blank disk. They provide preseeding information with the answers to the questions that the installer asks. Another common approach is to have a blessed disk image, and make a guest by making a copy (perhaps a copy-on-write clone) of the master.

xen-tools doesn’t work like that. Instead, it relies on the existing Debian tools for installing chroots. chroots are a kind of lightweight near-virtualisation and are very heavily used by Debian’s developers to allow them to develop packages for different versions of the OS from the one they have installed (including perhaps different derivatives—so for example allowing packages for Ubuntu to be developed on a Debian machine or vice versa). Sometimes users find it chroots useful to gain access to different versions of software packages too.

xen-tools uses the chroot installation tool debootstrap: it sets up the disk area or LVM for the new VM, and then installs the new guest by running debootstrap in the management domain. The resulting approach is very simple compared to a VM-based run of the entire installer. There is no need to manage the booting of the installer, provide it with preseed information to configure it properly, and so forth. Logging and error handling are much improved. And you get pretty good control over the exact contents of the guest.

When should you choose xen-tools?

Xen-tools is aimed at systems administered from the command-line using xl/xm (perhaps with some management layer on top of that). xen-tools will write a domain configuration file suitable for use with xl or xm.

The biggest limitation is that it can only install a limited set of guests. The version of xen-tools in Debian testing can install most versions of Debian or Ubuntu, and also has support for CentOS 5 and 6. (The CentOS support is done using rinse rather than debootstrap.)

You should not install an operating system with xen-tools if you mistrust, from a security point of view, the source of the binary packages for that OS. This is because xen-tools’s installation approach doesn’t do the actual installation in a VM and in principle it would be possible for a rogue package to “escape” from the installation process and contaminate your host. This isn’t relevant, of course, if your host is Debian and you are intending to install a Debian guest. And the attack would have to come in the form of maliciously bad packages from the Debian, Ubuntu or CentOS mirrors, which is pretty unlikely.

But if you can use xen-tools I think you’ll find it simple and convenient to use—and fast, especially if you have a local mirror.

How to install xen-tools

On Debian, it is all just a matter of:

apt-get install xen-tools

As a xen-tools package is included in the Debian project. Alternatively, a .deb package can be downloaded and installed (with dpkg -i ...) from here.

On a recent Fedora (this has been tested on Fedora 18), although there is no official xen-tools RPM package, it is enough to install the following packages:

yum install debootstrap perl-Text-Templateh \
             perl-Config-IniFiles perl-File-Slurp \
             perl-File-Which perl-Data-Dumper

And then download and install xen-tools itself from the sources:

wget http://xen-tools.org/software/xen-tools/xen-tools-4.3.1.tar.gz
tar zxvf xen-tools-4.3.1.tar.gz
cd xen-tools-4.3.1
make install

How to use xen-tools

The primary entrypoint is the program xen-create-image. It has a comprehensive manual page.

xen-create-image knows how to create LVs for the disk and swap. Here’s an example invocation from the XenProject.org automated testing system:

xen-create-image \
           --dhcp --mac 5a:36:0e:48:00:0e \
           --memory 512M --swap 1000M \
           --dist squeeze \
           --mirror \
           --hostname debian.guest.osstest \
           --lvm field-cricket --force \
           --kernel /boot/vmlinuz- \
           --initrd /boot/initrd.img- \
           --arch i386 

After having done that there are some wrinkles that my automatic test system fixes up: it overwrite the ssh keys and authorization setup so that all test VMs all have the same keys. The inittab is modified to spawn a console on the guest’s Xen PV console hvc0:

xc:2345:respawn:/sbin/getty 38400 hvc0

Xen tools and XL & XM

Xen-tools generates config files that will work with XM and XL. However, some scripts shipped with xen-tools will invoke the toolstack in some circumstances, e.g. xt-create-xen-config and xm-create-image.

Xen-tools contains some logic which will try and figure out which toolstack is available, but will prefer XM when it is available.

If you come across an issue please report a bug against the relevant package maintainer or on the xen-tools list



So all in all I think xen-tools is a straightforward and convenient tool for doing a particular job well. Thanks to Axel Beckert, Dmitry Nedospasov, Stéphane Jourdois, Steve Kemp and the other contributors to xen-tools!